Healthcare
OneBlood confirms personal data stolen in July ransomware attack
Blood-donation not-for-profit OneBlood confirms that donors’ personal information was stolen in a ransomware attack last summer. OneBlood first notified the public about the attack on July 31, 2024, noting that ransomware actors had encrypted its virtual machines, forcing the healthcare organization to fall back to using manual processes. OneBlood is a supplier of blood to over 250 hospitals […]
Largest US addiction treatment provider notifies patients of data breach
BayMark Health Services, North America’s largest provider of substance use disorder (SUD) treatment and recovery services, is notifying an undisclosed number of patients that attackers stole their personal and health information in a September 2024 breach. The Texas-based organization provides medication-assisted treatment (MAT) services targeting both substance use and mental health disorders to more than […]
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. The Miami-based company operates 12 locations across the United States and India, and it also provides revenue cycle management services to […]
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as […]
Ascension: Health data of 5.6 million stolen in ransomware attack
Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. The health network reported a total revenue of $28.3 billion in 2023 and operates 140 hospitals and 40 senior […]
ConnectOnCall breach exposes health data of over 910,000 patients
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall, acquired in October 2023. ConnectOnCall is a telehealth platform and after-hours on-call answering service with automated patient call tracking for healthcare providers. “On May 12, 2024, […]
Anna Jaques Hospital ransomware breach exposed data of 300K patients
Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 310,000 patients. Anna Jaques is a not-for-profit community hospital in Massachusetts, recognized for delivering high-quality care and performing over 4,700 surgeries yearly. As a mid-size acute […]
Cyberattack at French hospital exposes health data of 750,000 patients
A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. A threat actor using the nickname ‘nears’ (previously near2tlg) claimed to have attacked multiple healthcare facilities in France, alleging that they have access to the patient records of over […]
Hacker gets 10 years in prison for extorting US healthcare provider
Robert Purbeck, a 45-year-old man from Idaho, has been sentenced to ten years in prison for hacking at least 19 organizations in the United States, stealing the personal data of more than 132,000 people, and multiple extortion attempts. As showcased in the indictment, prosecutors linked multiple data theft and blackmail incidents to Purbeck (also known online […]
Ransomware attack forces UMC Health System to divert some patients
Texas healthcare provider UMC Health System was forced to divert some patients to other locations after a ransomware attack impacted its operations. In an announcement published on its website late last week, which is offline at the time of writing, UMC disclosed it is responding to an IT outage impacting its network. While facilities remain […]